package cn.sm1234.realms;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class MyRealm extends AuthorizingRealm{

	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
		System.out.println("执行了授权方法");
		
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		
		//添加资源授权码
		info.addStringPermission("product:add");
		
		//添加角色授权码
		info.addRole("admin");
		
		return info;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
		System.out.println("执行了认证方法");
		
		//1.获取用户输入的账户信息
		UsernamePasswordToken token = (UsernamePasswordToken)arg0;
		
		//模拟数据库的密码
		String name = "jack";
		String password = "1234";
		
		if(!token.getUsername().equals(name)){
			//用户不存在
			return null;
		}
		
		//返回密码
		return new SimpleAuthenticationInfo(name,password,"");
	}
	
}
